Lucene search

K

PRIOn knowledge basePRION:CVE-2013-6442

HistoryMar 14, 2014 - 10:55 a.m.

Design/Logic Flaw

2014-03-1410:55:00

PRIOn knowledge base

www.prio-n.com

5

7 High

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.007 Low

EPSS

Percentile

80.2%

The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x before 4.0.16 and 4.1.x before 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended administrative change.

CPENameOperatorVersion
sambaeq4.1.5
sambaeq4.1.4
sambaeq4.1.0
sambaeq4.1.2
sambaeq4.1.3
sambaeq4.1.1
sambaeq4.0.14
sambaeq4.0.2
sambaeq4.0.11
sambaeq4.0.3

Rows per page:

1-10 of 221

References

lists.opensuse.org/opensuse-updates/2014-03/msg00062.html

www.securityfocus.com/bid/66232

bugzilla.samba.org/show_bug.cgi?id=10327

lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html

lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.html

www.samba.org/samba/history/samba-4.0.16.html

www.samba.org/samba/history/samba-4.1.6.html

www.samba.org/samba/security/CVE-2013-6442

7 High

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.007 Low

EPSS

Percentile

80.2%

Related for PRION:CVE-2013-6442

cvelist1 cve1 samba1 seebug1 debiancve1 openvas16 ubuntucve1 altlinux3 slackware1 nessus13 freebsd1 securityvulns2 redhat1 veracode2 centos1 oraclelinux2 fedora7